Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

What are the top misconceptions about machine learning?

Many businesses are now talking about artificial intelligence (AI), and specifically machine learning, as a way to solve data problems more effectively. In theory, this sounds easy. What could be better than using AI to get a computer to learn how to solve a problem over time, without manual intervention? The reality is very different, however.

A Threat As Old As The Internet: Why We Still Care About Malware (And Why You Should Too)

Every career has defining moments. Most are spread out over years or even decades, but the cybersecurity world has had two career-defining moments just in the past year. It started with the global shutdown due to the COVID-19 pandemic. Overnight, many organizations were forced to support employees working remotely. CISOs, like me, were expected to keep both our company and its employees safe in a completely unpredictable world.

What's New with JFrog Xray and DevSecOps

As we look to improve the quality and capabilities of the JFrog DevOps Platform, especially in the world of DevSecOps, we have added powerful new features to further enhance the award-winning JFrog Xray. The capabilities detailed below cement Xray’s position as a universal software composition analysis (SCA) solution trusted by developers and DevSecOps teams globally to quickly and continuously identify open source software vulnerabilities and license compliance violations.

Evaluating The Risk Posed By Ransomware Threats

Arguably the greatest threat to organisations in 2021 is ransomware. Ransomware attacks proliferated in 2020, increasing by 435% compared to 2019. The number of ransoms paid has also increased from 39% in 2018 to 58% in 2020 (the figure is likely to be even higher when factoring in those organisations that have not disclosed whether a ransom has been paid).

OWASP Top 10: Using Components with Known Vulnerabilities Security Vulnerability Practical Overview

If you know about a vulnerability, you can be certain that adversaries also know about it – and are working to exploit it. It sounds like a no-brainer; but using components with known vulnerabilities still makes #9 in the current OWASP list of the ten most critical web application security risks.

OWASP Top 10 in 2021: Vulnerable and Outdated Components Practical Overview

If you know about a vulnerability, you can be certain that adversaries also know about it – and are working to exploit it. It sounds like a no-brainer; but using components with known vulnerabilities still makes #6 in the current OWASP list of the ten most critical web application security risks.

The Rise of the PS5 Scalper Bots: An Analysis

In a webinar last December, Netacea’s Head of Threat Research, Matthew Gracey-McMinn, and Head of eCommerce, Tom Platt, joined forces to deep dive into the scale of the scalper bot problem, and the impact on the 2020 PS5 launch. If you missed the webinar, we’ve summarized the top takeaways for you here.

EPHEMERAL LOCKPICKER: Malware Leveraged for Novel Intrusion Lifecycle and LuckyDay Ransomware Delivery

In 2021, Kroll investigators have had multiple opportunities to respond to a series of interconnected network intrusions, ransomware events and cyber incidents which, upon investigation and review, possessed overlapping tactics, techniques and procedures (TTPs) and similar indicators of compromise (IOC) among them. The incidents affected organizations of various sizes across diverse industry sectors through what Kroll’s investigations confirmed was a range of separate intrusion vectors.

Creating An Audit Program In Today's Digital Landscape To Promote Compliance

In today's political landscape, a more aggressive enforcement approach from health and safety regulators is fast approaching. For employers looking to reduce their business risk, achieving regulatory compliance starts with creating an audit program that is both strong and sustainable. However, with COVID-19 restrictions still in place, many organizations are facing new barriers that may impede how they assess compliance and limit their potential exposure.

What is the Coralogix Security Traffic Analyzer (STA), and Why Do I Need It?

The widespread adoption of cloud infrastructure has proven to be highly beneficial, but has also introduced new challenges and added costs – especially when it comes to security. As organizations migrate to the cloud, they relinquish access to their servers and all information that flows between them and the outside world. This data is fundamental to both security and observability.